GRC Analyst

About the Role

The GRC analyst helps maintain A-LIGN’s management system as it relates to information security standards. In this role, you will be responsible for the coordination, maintenance, and improvement of A-LIGN’s corporate compliance program, including internal and external audits.

Reports to

Director of Compliance and Program Management

Pay Classification

Full-Time

Responsibilities

• Participate in A-LIGN’s management system as it relates to information security standards (including, but not limited to, SOC 2, ISO 27001, NIST 800-53, NIST 800-171)

• Manage the annual audit calendar.

• Coordinate annual audit activities with both external and internal stakeholders.

• Participate in internal and external audit activities.

• Review and track identified non-conformities and opportunities for improvement resulting from audits.

• Prepare regular compliance reports.

• Review, update, and manage documentation in line with information security standards and corporate objectives.

• Complete third-party questionnaires from clients

• Support the vendor management process.

• Participate in business continuity and disaster recovery planning and test execution. Minimum Qualifications

Education

• Bachelor’s degree in management information systems, Information Security, Cybersecurity, Business or a related field or an equivalent combination of education and experience

Experience

• At least 1 year of IT security, governance, risk, or compliance-related experience

• Knowledge of security and risk frameworks- Preferred knowledge of SOC 2, ISO 27001, NIST 800-53, NIST 800-171

• Preferred: Knowledge of GRC tools (OneTrust, RSA Archer, Oracle, etc.) CERTIFICATIONS

• Preferred: CISA, CISM, Security+, CCSK, ISO Lead Auditor

Skills

• Ability to meet deadlines with a high degree of motivation

• Excellent critical thinking and problem-solving skills

• Strong communication and organizational skills

• Thrives in a fast-paced environment

• Ability to work individually as well as collaboratively Benefits

• Healthcare, Dental, and Vision Benefits

• EAP - Employee Assistance Program

• Competitive Bonus Structure

• Home Office Reimbursement

• Technology Allowance

• Certification Reimbursement

• Public Transportation Card

• Multisport Card

• Personalized Career Coaching

• Generous Paid Time Off

• Paid Office Closure December 24-January 1

• Summer Hours About A-LIGN

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com.

Come Work for A-LIGN!

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.

A-LIGN is an Equal Opportunity Employer.

The personal data you provide to us is processed by A-LIGN Bulgaria. Your personal data is shared with employees of A-LIGN, and the candidate data retention period is 6 months. You have the right to obtain information about the processing of your personal data. In addition, you have the right to correct, to block, and to delete your data in accordance with the local laws and regulations. For more information you can visit A-LIGN’s Job Ads Privacy Policy.